
package com.rpay.admin.config.jwt;

import com.alibaba.druid.util.StringUtils;
// todo   adminuserdetails
import com.rpay.admin.config.security.MyUserDetails;
import com.rpay.admin.config.security.MyUserDetailsService;
import com.rpay.common.util.common.CommonUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.stereotype.Component;


/**
 * <p/>
 */
@Component
public class JsonWebTokenAuthenticationProvider implements AuthenticationProvider {

    /*private JsonWebTokenUtility tokenService = new JsonWebTokenUtility();*/
//todo 待完善
    @Autowired
    private MyUserDetailsService userService;
    private JsonWebTokenUtility jsonWebTokenUtility = new JsonWebTokenUtility();

    @Override
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        System.out.println("--------验证token-------" + authentication.toString());
        Authentication authenticatedUser = null;
        // Only process the PreAuthenticatedAuthenticationToken
        if (authentication.getClass().
                isAssignableFrom(PreAuthenticatedAuthenticationToken.class)
                && !CommonUtils.isEmpty(authentication.getPrincipal())) {
            String tokenHeader = (String) authentication.getPrincipal();
            if (StringUtils.isEmpty(tokenHeader)) {
                throw new BadCredentialsException("token not found.");
            }

            UserDetails userDetails = parseToken(tokenHeader);
            if (userDetails != null) {
                authenticatedUser =
                        new JsonWebTokenAuthentication(userDetails, tokenHeader, true);
            }
        } else {
            // It is already a JsonWebTokenAuthentication
            authenticatedUser = authentication;
        }
        return authenticatedUser;
    }

    private UserDetails parseToken(String tokenHeader) {
        UserDetails principal = null;
        AuthTokenDetails authTokenDetails = jsonWebTokenUtility.parseAndValidate(tokenHeader);

        if (authTokenDetails != null) {
            String username = authTokenDetails.getUsername();
            //todo
            MyUserDetails user = (MyUserDetails) userService.loadUserByUsername(username);
            if (user == null) {
                throw new BadCredentialsException("Username not found.");
            }
            // todo
            if (user.getUserType() == 5 &&
                    user.getStatus() == 2) {
                throw new BadCredentialsException("用户被冻结");
            }
            // userId介入Spring Security
            principal = user;
        }
        return principal;
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return
                authentication.isAssignableFrom(
                        PreAuthenticatedAuthenticationToken.class) ||
                        authentication.isAssignableFrom(
                                JsonWebTokenAuthentication.class);
    }

}
